feat(core): Ensure input's script type and path match the scriptPubKey.

2 years ago · c9e6ca30c9
parent a38a0b6295
commit c9e6ca30c9
3 changed files with 5 additions and 0 deletions
--- a/core/.changelog.d/1018.changed
+++ b/core/.changelog.d/1018.changed
@ -0,0 +1 @@
+Ensure input's script type and path match the scriptPubKey.
--- a/core/.changelog.d/1018.incompatible
+++ b/core/.changelog.d/1018.incompatible
@ -0,0 +1 @@
+Trezor will refuse to sign UTXOs that do not match the provided derivation path (e.g., transactions belonging to a different wallet, or synthetic transaction inputs).
--- a/core/src/apps/bitcoin/sign_tx/bitcoin.py
+++ b/core/src/apps/bitcoin/sign_tx/bitcoin.py
@ -229,6 +229,9 @@ class Bitcoin:
                if prev_amount != txi.amount:
                    raise wire.DataError("Invalid amount specified")

+                if script_pubkey != self.input_derive_script(txi):
+                    raise wire.DataError("Input does not match scriptPubKey")
+
                if i in self.external:
                    await self.verify_external_input(i, txi, script_pubkey)
				`@ -0,0 +1 @@`
				`Ensure input's script type and path match the scriptPubKey.`
				`@ -0,0 +1 @@`
				`Trezor will refuse to sign UTXOs that do not match the provided derivation path (e.g., transactions belonging to a different wallet, or synthetic transaction inputs).`